Forum Discussion

shaneturner's avatar
shaneturner
New Contributor
2 months ago
Solved

Extend supported browsers list

Can we please extend the list of supported browsers, especially on windows where the user can't manually do this.

You currently support: Firefox, Chrome, Brave, Edge and Arc

Genuine question. How hard would be be to add Zen and LibreWolf? You already cater to chronium based niche browsers such as Brave and Arc. As getting around the Windows issue seems to be a no-go ( waiting 2+ years ). Why is it so difficult?  Is it more complex than I expect to add a browser?

browser extension
feature request
windows
  • 1P_Dave's avatar
    1P_Dave
    2 months ago

    Hello shaneturner! ๐Ÿ‘‹

    Thank you for the feedback! We hope to build a secure way to use unsupported browsers with the 1Password for Windows desktop app and I've let the team know that you're eager to see this feature be introduced. 

    Genuine question. How hard would be be to add Zen and LibreWolf? You already cater to chronium based niche browsers such as Brave and Arc. As getting around the Windows issue seems to be a no-go ( waiting 2+ years ). Why is it so difficult?  Is it more complex than I expect to add a browser?

    Each supported browser was previously thoroughly vetted and reviewed by our security team. This process required a lot of manual work and, as a result, ended up with only a handful of supported browsers leaving every other browser that we couldn't find the time and resources to review out in the cold. It's why we've discontinued the old vetting process and we're hoping to bring the ability to use whatever browser you wish to the 1Password for Windows app in the future. 

    -Dave

    PB-46762200

9 Replies

Sort By
  • MattStockdale's avatar
    MattStockdale
    New Contributor
    21 days ago

    +1 for this feature. Please demonstrate respect for your users' privacy by supporting browsers that respect your users' privacy.

    That being said, I've passed your comments along internally and the team will continue to look out for ways to give users more control without compromising security.

    It may sound hyperbolic, but by encouraging the use of browsers that do not respect users' privacy by limiting functionality, AgileBits is taking a stance that is actively compromising customer security. Give me a warning and let me override it. Make me have to edit a config file in a hidden directory. I will jump through your hoops.

     

     

  • TheDave's avatar
    TheDave
    Occasional Contributor
    2 months ago

    With all of the major browsers now seemingly being actively user-hostile, something needs to be done. LibreWolf is a solid choice, although their defaults are a bit too aggressive from my perspective, but better that than being overly permissive.

    Until recently, I was content to neuter Firefox myself, using a LibreWolf-inspired set of policies and locked preferences, but as Firefox becomes more user-hostile they're making keeping up with this more of a challenge and the "it takes a village" approach of LibreWolf spreads the load. 

    1Password is the biggest dealbreaker for me, I use a strong password, and I'm just not up for typing it dozens of times a day, so I'm left with the choice of going with a minimal password, hardcoding it into a hardware key that I can smack as needed, or switching to a more user-focused password manager.

    I understand the risks, and I'll take it on, I am balancing this against the threats of browsers in their current state.

    A simple solution would be to check the hash of the browser's EXE and allow me to trust that hash in that exact location on disk, such that if it is changed unexpectedly, I'll be aware of it. Since LibreWolf doesn't self-update without the user being aware, and since it requires elevation to an administrative session to upgrade, the reality is that by the time someone can compromise my browser's EXE, they've already won.

  • 1P_Dave's avatar
    1P_Dave
    Icon for Moderator rankModerator
    2 months ago

    Hello shaneturner! ๐Ÿ‘‹

    Thank you for the feedback! We hope to build a secure way to use unsupported browsers with the 1Password for Windows desktop app and I've let the team know that you're eager to see this feature be introduced. 

    Genuine question. How hard would be be to add Zen and LibreWolf? You already cater to chronium based niche browsers such as Brave and Arc. As getting around the Windows issue seems to be a no-go ( waiting 2+ years ). Why is it so difficult?  Is it more complex than I expect to add a browser?

    Each supported browser was previously thoroughly vetted and reviewed by our security team. This process required a lot of manual work and, as a result, ended up with only a handful of supported browsers leaving every other browser that we couldn't find the time and resources to review out in the cold. It's why we've discontinued the old vetting process and we're hoping to bring the ability to use whatever browser you wish to the 1Password for Windows app in the future. 

    -Dave

    PB-46762200

    • ylemoigne's avatar
      ylemoigne
      New Contributor
      2 months ago

      When you say

      we're hoping to bring the ability to use whatever browser you wish to the 1Password for Windows app in the future

      Is it windows only ? Because I want to use LibreWolf on macos (which is not signed)

      The issue is becoming more important as Firefox new Term of service become active and lots of users are not accepting them.

      • 1P_Dave's avatar
        1P_Dave
        Icon for Moderator rankModerator
        2 months ago

        ylemoigne 

        Thanks for reaching out! On macOS, the 1Password app verifies the browserโ€™s code signature for authentication when it establishes the connection between the app and the browser extension. This authentication is designed to make it difficult for other applications and malware to intercept the account information and encryption keys that are passed through the connection. Without this authentication process, 1Password is unable to verify the app that is trying to communicate with it.

        With Librewolf not being signed, the two available options are:

        1. Use 1Password in the browser without app integration.
        2. Use another browser that is signed by the developer.


        That being said, I've passed your comments along internally and the team will continue to look out for ways to give users more control without compromising security.

        -Dave

        PB-46991878

    • owls's avatar
      owls
      New Contributor
      2 months ago

      That's great to hear. Can you share the timeline for this?

      I've recently had to switch away from Firefox, and LibreWolf was a good alternative. At first I didn't think I'd mind the degraded integration with 1Password, but after using it for a few days, I'm ready to start looking at alternatives.